From 17b999c2739006c2ec3b37ed64f119c9ad0b3338 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Pu=C5=A1nik?= Date: Tue, 6 Oct 2015 00:41:12 +0200 Subject: change password --- errors/session.py | 3 +++ server/handlers.py | 19 +++++++++++++++++-- server/user_session.py | 19 ++++++++++++++++++- web/main.js | 23 ++++++++++++----------- 4 files changed, 50 insertions(+), 14 deletions(-) diff --git a/errors/session.py b/errors/session.py index c5170d8..f58f2af 100644 --- a/errors/session.py +++ b/errors/session.py @@ -6,5 +6,8 @@ class NoSuchSession(Exception): class AuthenticationFailed(Exception): pass +class PasswordChangeFailed(Exception): + pass + class RequestProcessingError(Exception): pass \ No newline at end of file diff --git a/server/handlers.py b/server/handlers.py index 0a77e66..a7f4f76 100644 --- a/server/handlers.py +++ b/server/handlers.py @@ -55,6 +55,21 @@ class Login(CodeqService): request.reply({'code': 0, 'message': 'OK', 'sid':session.get_sid(), 'settings':settings}) +class ChangePassword(CodeqService): + def process(self, request): + js = request.data + password = js.get('password') + if password is None: + request.reply({'code': 1, 'message': 'Password was not provided'}) + else: + try: + request.session.change_password(password) + except PasswordChangeFailed: + request.reply({'code': 2, 'message': 'Password change failed'}) + else: + request.reply({'code': 0, 'message': 'OK'}) + + class Settings(CodeqService): def process(self, request): js = request.data @@ -63,7 +78,7 @@ class Settings(CodeqService): request.reply({'code': 1, 'message': 'New settings not provided'}) else: try: - request.session.update_settings(settings) + request.user_session.update_settings(settings) request.session.write_settings_to_db() except NoSuchSession: request.reply({'code': 2, 'message': 'No such session'}) 
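Review bot: `ChangePassword.process` sets a new password on the strength of the session alone, so anyone holding a live session (a leaked sid, an unattended browser) can lock the owner out; the handler should also take the current password and check it, for example with the `verify_password` helper in server/user_session.py, before calling `change_password`. The only input check is `password is None`, so an empty string or a non-string JSON value is passed straight on to `change_password`; `if not isinstance(password, str) or not password:` would reject those. The diff adds no import to server/handlers.py, so unless `PasswordChangeFailed` is already in scope through an existing import that is not visible here, the `except PasswordChangeFailed` clause will raise NameError when it is evaluated.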
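Review bot: The changed line calls `request.user_session.update_settings(settings)` while the very next line still calls `request.session.write_settings_to_db()`, and the new `ChangePassword` handler in this same commit uses `request.session`. The request object's definition is not part of the diff, so it is unclear which attribute exists, but both lines should name the same one. If `user_session` is not an attribute of the request, this raises AttributeError, which the visible `except NoSuchSession` does not catch. `Settings.process` begins and ends outside the hunk.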
@@ -71,7 +86,6 @@ class Settings(CodeqService): request.reply({'code': 0, 'message': 'OK'}) - class Activity(CodeqService): def process(self, request): js = request.data @@ -246,6 +260,7 @@ class EndProblem(CodeqService): incoming_handlers = { 'list_problems': ProblemList(), 'login': Login(), + 'change_password': ChangePassword(), 'get_problem': GetProblem(), 'logout': None, 'activity': Activity(), diff --git a/server/user_session.py b/server/user_session.py index d80cedd..55f4853 100644 --- a/server/user_session.py +++ b/server/user_session.py @@ -7,7 +7,7 @@ import base64 import random import db import server -from errors.session import NoSuchSession, AuthenticationFailed +from errors.session import NoSuchSession, AuthenticationFailed, PasswordChangeFailed import psycopg2.extras __all__ = ['get_session_by_id', 'get_or_create_session', 'UserSession'] @@ -167,6 +167,22 @@ class UserSession(object): finally: db.return_connection(conn) + def change_password(self, password): + conn = db.get_connection() + try: + cur = conn.cursor() + try: + cur.execute('update codeq_user set password = %s where id = %s', (encrypt_password(password), self.uid,)) + affected = cur.rowcount + if affected is None: + raise PasswordChangeFailed('Password change failed') + finally: + cur.close() + finally: + conn.commit() + db.return_connection(conn) + + def send(self, json_obj): """Sends a message to the user. @@ -223,6 +239,7 @@ def authenticate_and_create_session(username, password): conn.commit() db.return_connection(conn) + def verify_password(plain_password, encrypted_password): elts = encrypted_password.split('$') if len(elts) != 4: diff --git a/web/main.js b/web/main.js index 1a160e6..8d5446b 100644 --- a/web/main.js +++ b/web/main.js 
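Review bot: The failure check in `change_password` can never fire: `cur.rowcount` is an integer (with psycopg2, which this module imports and which `db.get_connection()` presumably hands out, it is the number of rows updated, or -1), never `None`, so an UPDATE that matches no row for `self.uid` is reported to the caller as success; compare with `cur.rowcount != 1` instead. `conn.commit()` sits in the outer `finally`, so it also runs when `execute` or the check raises; commit only after the check passes and roll back otherwise, as sketched below. The method has no docstring; one line saying that it stores `encrypt_password(password)` for `self.uid` and raises `PasswordChangeFailed` would help, and it is worth deciding whether the user's other active sessions should be ended when the password changes.

```python
    def change_password(self, password):
        # … unchanged: get connection, open cursor, parameterized UPDATE …
                if cur.rowcount != 1:
                    raise PasswordChangeFailed('Password change failed')
            # … unchanged: inner finally closing the cursor …
            conn.commit()  # reached only when exactly one row was updated
        except Exception:
            conn.rollback()
            raise
        finally:
            db.return_connection(conn)
```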
@@ -109,17 +109,18 @@ var guiHandlers = { // actions to use default handling should define truthy values that are not functions // (this is to filter out unnecessary traffic before it hits Python) - 'activity': true, - 'query': true, - 'python_exec': true, - 'python_push': true, - 'python_stop': true, - 'hint': true, - 'test': true, - 'get_problem': true, - 'settings': true, - 'load_problem': true, - 'end_problem': true + 'change_password': true, + 'activity': true, + 'query': true, + 'python_exec': true, + 'python_push': true, + 'python_stop': true, + 'hint': true, + 'test': true, + 'get_problem': true, + 'settings': true, + 'load_problem': true, + 'end_problem': true }; server.on('connection', function (socket) { -- cgit v1.2.1